sys.dm_server_external_policy_principals (Transact-SQL)

Applies to: SQL Server 2022 (16.x) Azure SQL Database

Lists all database and server principals created from Microsoft Entra ID (formerly Azure Active Directory) which are given connect permissions through external policies.

Column name	Data type	Description
sid	varbinary(85)	SID (Security-IDentifier) of the principal.
aad_object_id	nvarchar(72)	Microsoft Entra Object ID of the principal. Is unique within an Azure tenant.
type	nvarchar(4)	Principal type: Z=External policy.
type_desc	nvarchar(60)	Description of the principal type: RBAC_ASSIGNED_USER.
authentication_type	int	Authentication type: 5.
authentication_type_desc	nvarchar(60)	Description of the authentication type: 5=AZURE_IAM_RBAC.

Permissions

Principals must have the VIEW SERVER SECURITY STATE permission.

See also

sys.dm_server_external_policy_principal_assigned_actions (Transact-SQL)

• Provision access by data owner for Azure SQL Database

• Provision access by data owner for SQL Server on Azure Arc-enabled servers